<?php

// Declare the response as UTF-8 HTML; the handlers below answer with inline <script> snippets.
header("Content-type: text/html; charset=utf-8");
// Open the session: the handlers read and write $_SESSION (captcha value, account identity, cart).
session_start();

require_once '../common/conn.php';
require_once '../common/function.php';
require_once '../db/account.db.php';
require_once '../db/accountMoney.db.php';

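// Route the request to its handler. The action name comes from the POST body;
// a missing or non-string value is treated as an unknown action instead of
// raising an undefined-index notice.
// NOTE(review): every action below changes state or reads account data, and no
// CSRF token check is visible in this file. Confirm one is enforced elsewhere.
$action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';

switch ($action) {
    case 'login':
        login();
        break;
    case 'logout':
        logout();
        break;
    case 'modifyPassword':
        modifyPassword();
        break;
    case 'sendGold':
        sendGold();
        break;
    case 'register':
        register();
        break;
    case 'searchUser':
        searchUser();
        break;
    case 'giftGold':
        giftGold();
        break;
    default:
        // Unknown action: the error payload used to be built and then dropped,
        // leaving an empty response. Send it so the caller sees the failure.
        $res = array();
        $res['code'] = 2;
        $res['msg'] = '申请类型错误';
        echo json_encode($res);
}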

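/**
 * Log an account in.
 *
 * Reads `username`, `password` and `validatecode` from the POST body, checks
 * the captcha against `$_SESSION['authnum_session']`, looks the account up via
 * AccountDb::getAccount() and, on a match, stores `AccUnique` and `AccountID`
 * in the session. Always finishes by redirecting the browser to ../index.php.
 *
 * NOTE(review): addslashes() is the only escaping visible here. Whether the DB
 * layer uses bound parameters and how passwords are stored cannot be seen from
 * this file; confirm both in account.db.php.
 */
function login() {
    $accountId = (isset($_POST['username']) && is_string($_POST['username'])) ? addslashes(trim($_POST['username'])) : "";
    $accountPass = (isset($_POST['password']) && is_string($_POST['password'])) ? addslashes(trim($_POST['password'])) : "";

    $validatecode = (isset($_POST['validatecode']) && is_string($_POST['validatecode'])) ? addslashes(trim($_POST['validatecode'])) : "validatecode";

    // Take the expected captcha out of the session before comparing, so one
    // solved captcha cannot be replayed for repeated password attempts.
    $expectedCode = isset($_SESSION['authnum_session']) ? strtolower((string) $_SESSION['authnum_session']) : "";
    unset($_SESSION['authnum_session']);

    // An absent session captcha must fail: otherwise an empty posted code would
    // compare equal to the missing value and skip the captcha altogether.
    if ($expectedCode === "" || strtolower($validatecode) !== $expectedCode) {
        echo "<script type=\"text/javascript\">alert('验证码不正确')</script>";
    } else {

        $dbc = new DBC();
        $accountDb = new AccountDb($dbc);
        // The debug dump of the looked-up account row to "sss.txt" was removed:
        // it wrote account data to a file next to this script on every login.
        $user = $accountDb->getAccount($accountId, $accountPass);
        if (isArrayNotEmpty($user)) {
            // Issue a fresh session id at the privilege change so an id that was
            // known before login does not become an authenticated one.
            session_regenerate_id(true);
            $_SESSION['AccUnique'] = $user[0]['AccUnique'];
            $_SESSION['AccountID'] = $user[0]['AccountID'];
        } else {
            echo "<script type=\"text/javascript\">alert('登陆错误')</script>";
        }
        $dbc->close();
    }
    echo "<script type='text/javascript'>location.href='../index.php'</script>";
    exit;
}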

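/**
 * Log the current account out.
 *
 * The session identity is cleared only when the posted `username` matches the
 * `AccountID` stored in the session; the browser is redirected to ../index.php
 * either way.
 *
 * NOTE(review): a request that omits `username` leaves the session logged in.
 * Confirm that every logout form posts the field.
 */
function logout() {
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? addslashes(trim($_POST['username'])) : "username";
    $accountId = isset($_SESSION['AccountID']) ? addslashes(trim($_SESSION['AccountID'])) : "acccountId";
    // Strict comparison: with == two different numeric-looking strings
    // (for example "1e3" and "1000") would be treated as the same account id.
    if ($accountId === $username) {
        // login() stores both AccUnique and AccountID; clear both so no
        // identity value survives the logout.
        unset($_SESSION['AccUnique']);
        unset($_SESSION['AccountID']);
        unset($_SESSION['cart']);
        unset($_SESSION['cartReady']);
    }
    echo "<script type='text/javascript'>location.href='../index.php'</script>";
    exit;
}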

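/**
 * Change an account's password.
 *
 * Reads `username`, `password` (current), `password1` and `password2` (new,
 * entered twice) from the POST body. The current password is verified through
 * AccountDb::getAccount() before AccountDb::modifyPassword() is called.
 * Redirects to ../index.php on success and to ../modify.php otherwise.
 *
 * NOTE(review): the account is chosen by the posted `username`, not by the
 * logged-in session, so the old password is the only authenticator here. No
 * attempt limiting is visible in this file; confirm it exists elsewhere.
 */
function modifyPassword() {
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? addslashes(trim($_POST['username'])) : "username";
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? addslashes(trim($_POST['password'])) : "password";
    $password1 = (isset($_POST['password1']) && is_string($_POST['password1'])) ? addslashes(trim($_POST['password1'])) : "password1";
    $password2 = (isset($_POST['password2']) && is_string($_POST['password2'])) ? addslashes(trim($_POST['password2'])) : "password2";

    $ok = false;
    if ($password1 === "" || $password2 === "" || $password === "") {
        echo "<script type=\"text/javascript\">alert('请输入密码')</script>";
    } else if ($password1 !== $password2) {
        // Strict comparison: with != two different numeric-looking strings
        // (for example "1e3" and "1000") would count as a matching confirmation.
        echo "<script type=\"text/javascript\">alert('两次输入的新密码不一致')</script>";
    } else {
        $dbc = new DBC();
        $accountDb = new AccountDb($dbc);
        // Verify the current password before changing anything.
        $user = $accountDb->getAccount($username, $password);
        if (isArrayNotEmpty($user)) {
            if ($accountDb->modifyPassword($user[0]['AccUnique'], $username, $password, $password1)) {
                $ok = true;
            } else {
                echo "<script type=\"text/javascript\">alert('修改密码失败')</script>";
            }
        } else {
            echo "<script type=\"text/javascript\">alert('旧密码不正确')</script>";
        }
        $dbc->close();
    }
    if ($ok) {
        echo "<script type='text/javascript'>location.href='../index.php'</script>";
    } else {
        echo "<script type='text/javascript'>location.href='../modify.php'</script>";
    }
    exit;
}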

/**
 * Administrator grant of gold to an account.
 *
 * Takes the target `accUnique` and the `gold` amount from the POST body and
 * passes them to AccountMoneyDb::sendAccountMoney() when the amount is numeric.
 * Shows the outcome in an alert and redirects to ../account_list.php.
 *
 * NOTE(review): no authorization check is visible in this handler or in the
 * dispatcher that calls it. Confirm that the caller is verified as an
 * administrator before the balance is changed.
 * NOTE(review): is_numeric() also accepts negative, fractional and exponent
 * forms; confirm which of these the DB layer is meant to receive.
 */
function sendGold() {
    $targetAccount = isset($_POST['accUnique']) ? addslashes(trim($_POST['accUnique'])) : "";
    $amount = isset($_POST['gold']) ? addslashes(trim($_POST['gold'])) : "";

    if (!is_numeric($amount)) {
        echo "<script type=\"text/javascript\">alert('金币必须是数字')</script>";
    } else {
        $dbc = new DBC();
        $moneyDb = new AccountMoneyDb($dbc);
        // Report the outcome of the balance update before releasing the connection.
        echo $moneyDb->sendAccountMoney($targetAccount, $amount)
            ? "<script type=\"text/javascript\">alert('赠送成功')</script>"
            : "<script type=\"text/javascript\">alert('赠送失败')</script>";
        $dbc->close();
    }

    echo "<script type='text/javascript'>location.href='../account_list.php'</script>";
    exit;
}

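/**
 * Register a new account.
 *
 * Reads `username`, `password1`, `password2` and `validatecode` from the POST
 * body. After the captcha and field checks pass, it rejects a name that already
 * exists, creates the account through AccountDb::addNewAccount() and
 * initialises its balance through AccountMoneyDb::setAccountMoneyZero().
 * Redirects to ../index.php on success, otherwise back to ../register.php with
 * the attempted user name in the query string.
 *
 * NOTE(review): how addNewAccount() stores the password is not visible here;
 * confirm it is hashed in account.db.php.
 */
function register() {
    // Keep the unescaped name for output: addslashes() is meant for the DB
    // layer and does not make a value safe inside a <script> element.
    $rawUsername = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : "username";
    $username = addslashes($rawUsername);
    $password1 = (isset($_POST['password1']) && is_string($_POST['password1'])) ? addslashes(trim($_POST['password1'])) : "password1";
    $password2 = (isset($_POST['password2']) && is_string($_POST['password2'])) ? addslashes(trim($_POST['password2'])) : "password2";
    $validatecode = (isset($_POST['validatecode']) && is_string($_POST['validatecode'])) ? addslashes(trim($_POST['validatecode'])) : "validatecode";

    // Encode values for a JavaScript string literal inside HTML: the HEX flags
    // turn <, >, &, ' and " into \uXXXX escapes so a value cannot end the
    // <script> element or the string.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

    // Take the expected captcha out of the session before comparing, so one
    // solved captcha cannot be reused for many registrations.
    $expectedCode = isset($_SESSION['authnum_session']) ? strtolower((string) $_SESSION['authnum_session']) : "";
    unset($_SESSION['authnum_session']);

    $ok = false;
    // An absent session captcha must fail: otherwise an empty posted code would
    // compare equal to the missing value and skip the captcha altogether.
    if ($expectedCode === "" || strtolower($validatecode) !== $expectedCode) {
        echo "<script type=\"text/javascript\">alert('验证码不正确')</script>";
    } else if ($username === "") {
        echo "<script type=\"text/javascript\">alert('请输入用户名')</script>";
    } else if ($password1 === "" || $password2 === "") {
        echo "<script type=\"text/javascript\">alert('请输入密码')</script>";
    } else if ($password1 !== $password2) {
        // Strict comparison: with != two different numeric-looking strings
        // (for example "1e3" and "1000") would count as a matching confirmation.
        echo "<script type=\"text/javascript\">alert('两次输入的新密码不一致')</script>";
    } else {
        $dbc = new DBC();
        $accountDb = new AccountDb($dbc);
        $user = $accountDb->getAccountByName($username);
        if (isArrayNotEmpty($user)) {
            $str = "用户名 " . $rawUsername . " 已存在";
            $literal = json_encode($str, $jsFlags);
            if ($literal === false) {
                // The name is not valid UTF-8; show an empty alert rather than broken script.
                $literal = '""';
            }
            echo "<script type=\"text/javascript\">alert(" . $literal . ")</script>";
        } else {
            if ($accountDb->addNewAccount($username, $password1)) {
                $accountMoneyDb = new AccountMoneyDb($dbc);
                // Re-read the new row to obtain its AccUnique for the balance record.
                $newUser = $accountDb->getAccountByName($username);
                if (isArrayNotEmpty($newUser)) {
                    $accountMoneyDb->setAccountMoneyZero($newUser[0]['AccUnique']);
                }
                $ok = true;
            } else {
                $str = "注册失败，请重试";
                echo "<script type=\"text/javascript\">alert('" . $str . "')</script>";
            }
        }
        $dbc->close();
    }
    if ($ok) {
        $str = "恭喜您，注册成功";
        echo "<script type=\"text/javascript\">alert('" . $str . "')</script>";
        echo "<script type='text/javascript'>location.href='../index.php'</script>";
    } else {
        // URL-encode the name for the query string, then encode the whole URL as
        // a JavaScript literal so user input never reaches the page unescaped.
        $target = '../register.php?username=' . rawurlencode($rawUsername);
        echo "<script type='text/javascript'>location.href=" . json_encode($target, $jsFlags) . "</script>";
    }
    exit;
}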

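/**
 * Look an account up by name for the gold-gift page.
 *
 * Reads `username` from the POST body, checks it with
 * AccountDb::getAccountByName() and redirects to ../gold_gift.php with the
 * name in the query string, or with an empty name when no account matches.
 *
 * NOTE(review): no login check is visible here, so the redirect tells any
 * caller whether a user name exists. Confirm that this is intended.
 */
function searchUser() {
    // Keep the unescaped name for output: addslashes() is meant for the DB
    // layer and does not make a value safe inside a <script> element.
    $rawUsername = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : "";
    $username = addslashes($rawUsername);

    $dbc = new DBC();
    $accountDb = new AccountDb($dbc);
    $user = $accountDb->getAccountByName($username);
    if (!isArrayNotEmpty($user)) {
        // No such account: hand an empty name to the gift page.
        $rawUsername = "";
    }
    $dbc->close();

    // URL-encode the name for the query string, then encode the whole URL as a
    // JavaScript literal; the HEX flags keep <, >, &, ' and " from ending the
    // string or the <script> element.
    $target = '../gold_gift.php?username=' . rawurlencode($rawUsername);
    $literal = json_encode($target, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    echo "<script type='text/javascript'>location.href=" . $literal . "</script>";
    exit;
}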

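/**
 * Gift gold from one user to another.
 *
 * Reads the sender `accUnique`, the recipient `otherAccUnique` and the `gold`
 * amount from the POST body. The sender must be the account stored in the
 * session by login(), the amount must be a positive number, and the sender's
 * balance must cover it before AccountMoneyDb::giftAccountMoney() is called.
 * Redirects to ../index.php in every case.
 *
 * NOTE(review): the balance check and the transfer are separate calls. Whether
 * giftAccountMoney() re-checks the balance atomically is not visible here;
 * confirm it in accountMoney.db.php. The same applies to gifting to oneself
 * and to exponent forms such as "1e3", which is_numeric() accepts.
 */
function giftGold() {
    $otherAccUnique = (isset($_POST['otherAccUnique']) && is_string($_POST['otherAccUnique'])) ? addslashes(trim($_POST['otherAccUnique'])) : "";
    $accUnique = (isset($_POST['accUnique']) && is_string($_POST['accUnique'])) ? addslashes(trim($_POST['accUnique'])) : "";
    $gold = (isset($_POST['gold']) && is_string($_POST['gold'])) ? addslashes(trim($_POST['gold'])) : "";

    // The paying account must be the logged-in one. Trusting the posted
    // accUnique alone would let any request spend another account's balance.
    $sessionAccUnique = isset($_SESSION['AccUnique']) ? addslashes(trim((string) $_SESSION['AccUnique'])) : "";

    if ($sessionAccUnique === "" || $accUnique !== $sessionAccUnique) {
        echo "<script type=\"text/javascript\">alert('赠送失败')</script>";
    } else if (!is_numeric($gold) || (float) $gold <= 0) {
        // A zero or negative amount passes a "balance < amount" check and
        // would move gold in the wrong direction, so reject it up front.
        echo "<script type=\"text/javascript\">alert('金币必须是数字')</script>";
    } else {
        $dbc = new DBC();
        $accountMoneyDb = new AccountMoneyDb($dbc);
        $myAccountMoney = $accountMoneyDb->getAccountMoney($accUnique);
        if (isArrayNotEmpty($myAccountMoney)) {
            $balance = $myAccountMoney[0]['Balance'];
            if ($balance < $gold) {
                echo "<script type=\"text/javascript\">alert('余额不足')</script>";
            } else {
                $result = $accountMoneyDb->giftAccountMoney($accUnique, $otherAccUnique, $gold);
                if ($result) {
                    echo "<script type=\"text/javascript\">alert('赠送成功')</script>";
                } else {
                    echo "<script type=\"text/javascript\">alert('赠送失败')</script>";
                }
            }
        }

        $dbc->close();
    }

    echo "<script type='text/javascript'>location.href='../index.php'</script>";
    exit;
}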
